<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta charset="utf-8"/>
<title>Cập nhật sản phẩm</title>
<link rel="stylesheet" href="Css/cc.css"></link>
</head>
<body>
<div class="wrapper">
<?php include 'connect.php';?>
<?php include 'menu.php';?>
<div class="content">
    <div class="content">
        <div class="regis">
    <?php
        if(isset($_GET['cn']))
        {
            $cn = $_GET["cn"];
            $query = $con->query("select * from product where id=".$cn);
            if($row = mysqli_fetch_array($query))
            {?>
        <fieldset>
        <legend>Cập nhật</legend>
        <form name="frmupdate" method="post" action="update.php?cn=<?php echo $cn; ?>" enctype="multipart/form-data">
            <pre>
            <div>Tên sản phẩm: <input type="text" name="txtten" value="<?php echo $row["name"] ?>"></input></div>
            <div><input type="file" name="fileimage" value="<?php echo $row["image"] ?>"></input>Chọn ảnh</div>
            <div>Thông tin:    <input type="text" name="txtinfo" value="<?php echo $row["info"] ?>"></input></div>
            <div>Giá sản phẩm: <input type="text" name="txtgia" value="<?php echo $row["price"] ?>"></input></div>
            <div>Danh mục cha: <input type="text" name="txtdmcha" value="<?php echo $row["categoryid"] ?>"></input></div>
            <div>Danh mục con: <input type="text" name="txtdmcon" value="<?php echo $row["categorydetailid"] ?>"></input></div>
            <div>                                     <input type="submit" value="Cập nhật" name="subm" class="regis_button"></input><input type="submit" value="Trở lại" name="cancel" class="regis_button"></input></div>
            </pre>
        </form>
         </fieldset>
            <?php
             }
             if(isset($_POST["subm"]))
                 {
                    $name = $con->real_escape_string($_POST["txtten"]);
                    $image = $con->real_escape_string($_FILES["fileimage"]["name"]);
                    $link = $con->real_escape_string("Images/Product-images/$image");
                    $price = $con->real_escape_string($_POST["txtgia"]);
                    $info = $con->real_escape_string($_POST["txtinfo"]);
                    $categoryid = $con->real_escape_string($_POST["txtdmcha"]);
                    $categorydetailid = $con->real_escape_string($_POST["txtdmcon"]);
                    $test = "UPDATE product SET name='{$name}', image='{$link}', price={$price}, info='{$info}', categoryid={$categoryid}, categorydetailid={$categorydetailid} WHERE id=".$cn;
                   if ($_name = "" or $image == "" or $price == "" or $info == "" or $categoryid = "" or $categorydetailid = "")
                      {
                       echo "<script>alert(\"Không được để trống dữ liệu!\");</script>";
                      }
                    elseif ($update = $con->query($test))
                    {
                        move_uploaded_file($_FILES["fileimage"]["tmp_name"], $link);
                        echo "<script>alert(\"Cập nhật thành công!\");</script>";
                    }
                    else
                    {
                        echo "<script>alert(\"Cập nhật thất bại!\");</script>";
                    }
                }
             if (isset($_POST['cancel']))
             {
                        header('Location:/Project/product_manager.php?on=1');
             }
        }
        if(isset($_GET['cn2']))
        {
            $cn = $_GET["cn2"];
            $query = $con->query("select * from footwear where id=".$cn);
            if($row = mysqli_fetch_array($query))
            {?>
        <fieldset>
        <legend>Cập nhật</legend>
        <form name="frmupdate" method="post" action="" enctype="multipart/form-data">
            <pre>
            <div>Tên sản phẩm: <input type="text" name="txtten" value="<?php echo $row["name"] ?>"></input></div>
            <div><input type="file" name="fileimage" value="<?php echo $row["image"] ?>"></input>Chọn ảnh</div>
            <div>Thông tin:    <input type="text" name="txtinfo" value="<?php echo $row["info"] ?>"></input></div>
            <div>Giá sản phẩm: <input type="text" name="txtgia" value="<?php echo $row["price"] ?>"></input></div>
            <div>Danh mục cha: <input type="text" name="txtdmcha" value="<?php echo $row["category_foot"] ?>"></input></div>
            <div>Danh mục con: <input type="text" name="txtdmcon" value="" readonly="False"></input></div>
            <div>                                     <input type="submit" value="Cập nhật" name="subm" class="regis_button"></input><input type="submit" value="Trở lại" name="cancel" class="regis_button"></input></div>
            </pre>
        </form>
         </fieldset>
            <?php }
            if(isset($_POST["subm"]))
                 {
                    $name = $con->real_escape_string($_POST["txtten"]);
                    $image = $con->real_escape_string($_FILES["fileimage"]["name"]);
                    $link = $con->real_escape_string("Images/footwear/$image");
                    $price = $con->real_escape_string($_POST["txtgia"]);
                    $info = $con->real_escape_string($_POST["txtinfo"]);
                    $categoryfoot = $con->real_escape_string($_POST["txtdmcha"]);
                    $categorydetailid = "Null";
                    $test = "UPDATE footwear SET name='{$name}', image='{$link}', price={$price}, info='{$info}', category_foot={$categoryfoot} WHERE id=".$cn;
                   if ($_name = "" or $image == "" or $price == "" or $info == "" or $categoryid = "")
                      {
                       echo "<script>alert(\"Không được để trống dữ liệu!\");</script>";
                      }
                    elseif ($update = $con->query($test))
                    {
                        move_uploaded_file($_FILES["fileimage"]["tmp_name"], $link);
                        echo "<script>alert(\"Cập nhật thành công!\");</script>";
                    }
                    else
                    {
                        echo "<script>alert(\"Cập nhật thất bại!\");</script>";
                    }
                }
             if (isset($_POST['cancel']))
             {
                        header('Location:/Project/product_manager.php?on2=2');
             }
        }
        if(isset($_GET['a']))
        { 
           $query = "select * from categorydetail";
           $result = $con->query($query);
           {
            ?>
        <fieldset>
        <legend>Thêm mới</legend>
        <form name="frmupdate" method="post" action="update.php?a=a" enctype="multipart/form-data">
            <pre>
            <div>Tên sản phẩm: <input type="text" name="txtten" ></input></div>
            <div><input type="file" name="fileimage" ></input>Chọn ảnh</div>
            <div>Thông tin:    <input type="text" name="txtinfo" ></input></div>
            <div>Giá sản phẩm: <input type="text" name="txtgia"></input></div>
            <div>Danh mục cha: <select name="categoryid"><option value="1">Áo dài tay</option><option value="2">Áo ngắn tay</option><option value="3">Quần</option></select></div>
            <div>Danh mục con: <select name="categorydetail"><?php 
           while($row = mysqli_fetch_array($result)){ ?><option value="<?php echo $row['id'];?>"><?php echo $row['name']; ?></option><?php } ?></select></div>
            <div>                                     <input type="submit" value="Thêm" name="subm" class="regis_button"></input><input type="submit" value="Trở lại" name="cancel" class="regis_button"></input></div>
            </pre>
        </form>
         </fieldset>
           <?php }
             if(isset($_POST["subm"]))
                 {
                    $name = $con->real_escape_string($_POST["txtten"]);
                    $image = $con->real_escape_string($_FILES["fileimage"]["name"]);
                    $link = $con->real_escape_string("Images/Product-images/$image");
                    $price = $con->real_escape_string($_POST["txtgia"]);
                    $info = $con->real_escape_string($_POST["txtinfo"]);
                    $categoryid = $con->real_escape_string($_POST["categoryid"]);
                    $categorydetailid = $con->real_escape_string($_POST["categorydetail"]);
                    $test = "Insert into product value ('' , '{$name}', '{$link}', {$price}, '{$info}', {$categoryid}, {$categorydetailid})";
                   if ($_name = "" or $image == "" or $price == "" or $info == "" or $categoryid = "" or $categorydetailid = "")
                      {
                       echo "<script>alert(\"Không được để trống dữ liệu!\");</script>";
                      }
                    elseif ($update = $con->query($test))
                    {
                        move_uploaded_file($_FILES["fileimage"]["tmp_name"], $link);
                        echo "<script>alert(\"Thêm mới thành công!\");</script>";
                    }
                    else
                    {
                        echo "<script>alert(\"Thêm mới thất bại!$test\");</script>";
                    }
                }
             if (isset($_POST['cancel']))
             {
                        header('Location:/Project/product_manager.php?on=1');
             }
        }
        if(isset($_GET['b']))
        { 
           $query = "select * from category2";
           $result = $con->query($query);
           {
            ?>
        <fieldset>
        <legend>Thêm mới</legend>
        <form name="frmupdate" method="post" action="update.php?b=b" enctype="multipart/form-data">
            <pre>
            <div>Tên sản phẩm: <input type="text" name="txtten" ></input></div>
            <div><input type="file" name="fileimage" ></input>Chọn ảnh</div>
            <div>Thông tin:    <input type="text" name="txtinfo" ></input></div>
            <div>Giá sản phẩm: <input type="text" name="txtgia"></input></div>
            <div>Danh mục : <select name="categoryfoot"><?php 
           while($row = mysqli_fetch_array($result)){ ?><option value="<?php echo $row['id']; ?>"><?php echo $row['name']; ?></option><?php } ?></select></div>
            <div>                                     <input type="submit" value="Thêm" name="subm" class="regis_button"></input><input type="submit" value="Trở lại" name="cancel" class="regis_button"></input></div>
            </pre>
        </form>
         </fieldset>
           <?php }
             if(isset($_POST["subm"]))
                 {
                    $name = $con->real_escape_string($_POST["txtten"]);
                    $image = $con->real_escape_string($_FILES["fileimage"]["name"]);
                    $link = $con->real_escape_string("Images/footwear/$image");
                    $price = $con->real_escape_string($_POST["txtgia"]);
                    $info = $con->real_escape_string($_POST["txtinfo"]);
                    $categoryfoot = $con->real_escape_string($_POST["categoryfoot"]);
                    $test = "Insert into footwear value ('' ,'{$name}', '{$link}', '{$info}', {$price}, {$categoryfoot})";
                   if ($_name = "" or $image == "" or $price == "" or $info == "" or $categoryfoot = "")
                      {
                       echo "<script>alert(\"Không được để trống dữ liệu!\");</script>";
                      }
                    elseif ($update = $con->query($test))
                    {
                        move_uploaded_file($_FILES["fileimage"]["tmp_name"], $link);
                        echo "<script>alert(\"Thêm mới thành công!\");</script>";
                    }
                    else
                    {
                        echo "<script>alert(\"Thêm mới thất bại!\");</script>";
                    }
                }
             if (isset($_POST['cancel']))
             {
                        header('Location:/Project/product_manager.php?on2=2');
             }
        }
        if(isset($_GET['c']))
        { $c = $_GET['c'];
           $query = "select * from members where user='{$c}'";
           $result = $con->query($query);
           if($row = mysqli_fetch_array($result))
           {
            ?>
        <fieldset>
        <legend>Cập nhật</legend>
        <form name="frmupdate" method="post" action="" enctype="multipart/form-data">
            <pre>
            <div>Tên người dùng: <input type="text" name="txtten" value="<?php echo $row['name']; ?>" ></input></div>
            <div>Mật khẩu :      <input type="text" name="txtpass" value="<?php echo $row['pass']; ?>" ></input></div>
            <div>                                     <input type="submit" value="Cập nhật" name="subm" class="regis_button"></input><input type="submit" value="Trở lại" name="cancel" class="regis_button"></input></div>
            </pre>
        </form>
         </fieldset>
           <?php }
             if(isset($_POST["subm"]))
                 {
                    $name = $con->real_escape_string($_POST["txtten"]);
                    $info = $con->real_escape_string($_POST["txtpass"]);
                    $pwd = md5($info);
                    $test = "UPDATE members SET name='{$name}', pass='{$info}' WHERE user='{$c}'";
                   if ($_name = "" or $info == "")
                      {
                       echo "<script>alert(\"Không được để trống dữ liệu!\");</script>";
                      }
                    elseif ($update = $con->query($test))
                    {
                        echo "<script>alert(\"Cập nhật thành công!\");</script>";
                    }
                    else
                    {
                        echo "<script>alert(\"Cập nhật thất bại!\");</script>";
                    }
                }
             if (isset($_POST['cancel']))
             {
                        header('Location:/Project/user_manager.php');
             }
        }
        ?>
        </div></div>
</div>
<div class="footer">
We are... Mr.Chuot Tru, Mr.Minh Ho
<hr  width="20%" style="margin-left:40%; margin-top:8px;"/>
<pre><br /><br />
Coppyright: Aitieducation
</pre>
</div>
</div>
</div>
</body>
</html>